package cn.ssms.realm;

import java.util.HashSet;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class ShiroDbRealm extends AuthorizingRealm {
	private static Logger logger = LoggerFactory.getLogger(ShiroDbRealm.class);
/*	
	@Autowired
	private AdminService adminService;*/
	
	public ShiroDbRealm() {
		super();
	}
	
	/**
	 * 认证回调函数, 登录时调用.
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken authcToken) throws AuthenticationException {
				return null;			
	/*	UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		Admin admin = adminService.findAdminByCode(token.getUsername());
		if (admin != null) {
			if (7==admin.getRoleId()) {//判断是否停用   0停用 1生效
				throw new LockedAccountException();
			}
		     Subject currentUser = SecurityUtils.getSubject();  
			 Session session = currentUser.getSession();
			 session.setAttribute("id", admin.getId());
			 session.setAttribute("userCode", admin.getUserCode());
			 session.setAttribute("userName", admin.getUserName());
			 session.setAttribute("roleId", admin.getRoleId());
			 session.setAttribute("password", admin.getPassword());
			return new SimpleAuthenticationInfo(admin.getUserCode(), admin.getPassword(), getName());
		}else{
			throw new UnknownAccountException();
		}*/
	}

	/**
	 * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用.
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		logger.info("----------获取权限----------");
		/* 这里编写授权代码 */
		//获取用户登录名
//		String loginName = (String)principals.getPrimaryPrincipal();
//		List<UserRole> roleSet = userService.findUserRoleByLoginName(loginName);
		
		Set<String> roleNames = new HashSet<String>();
	    Set<String> permissions = new HashSet<String>();
/*		if (roleSet != null && !roleSet.isEmpty()) {
			for (UserRole userRole : roleSet) {
				roleNames.add(userRole.getRole_name());
			}
		}*/
	    roleNames.add("menu");
	    permissions.add("user.do?myjsp");
	    permissions.add("login.do?main");
	    permissions.add("/views/showUser.jsp");
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
	    info.setStringPermissions(permissions);
		return info;
	}

	/**
	 * 更新用户授权信息缓存.
	 */
	public void clearCachedAuthorizationInfo(String principal) {
		SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, getName());
		clearCachedAuthorizationInfo(principals);
	}

	/**
	 * 清除所有用户授权信息缓存.
	 */
	public void clearAllCachedAuthorizationInfo() {
		Cache<Object, AuthorizationInfo> cache = getAuthorizationCache();
		if (cache != null) {
			for (Object key : cache.keys()) {
				cache.remove(key);
			}
		}
	}

}
